Re: vtpmmgr stubdom

["Manfred Haertel, DB3HM" <Manfred.Haertel@xxxxxxxxxxxx>]

James Dingwall schrieb:
> On Wed, Oct 16, 2024 at 11:54:17AM +0000, Brian Woods wrote:
> > Has anyone got this working? In 4.19.1-pre (stable-4.19 HEAD) I'm getting 
> > stubdom errors about it not being able to initialize the storage system.
> We've been exploring the tpm options available recently but there seems
> to be a real lack of information about what is supported and how to
> configure it.  What I read seems as though the vtpm is based on a BerliOs
> project that only emulates a TPM 1.2 which isn't good enough for Windows
> (our area of interest), instead we are trying to get `swtpm` working with
> qemu - no success yet though.
I succeeded in using swtpm with a Windows 11 VM under Xen, but it was 
not quite easy.
Windows refers to the ACPI tables when recognizing TPM. So you have to 
define a SSDT that defines a TPM 2.0 device and disables the TPM 1.2 device.
KVM contains ASL code for this, but this code is incorrect and has 
probably never worked since a patch for it was applied in 2013. The code 
before 2013 works though.
In addition, a separate ACPI table with the name TPM2 is needed.

And last but not least Windows requires TPM to be started by the "BIOS", 
so you will need a TPM2 capable OVMF.
--
Manfred Härtel, DB3HM    mailto:Manfred.Haertel@xxxxxxxxxxxx
                         http://rz-home.de/mhaertel